-
Notifications
You must be signed in to change notification settings - Fork 5.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
executor, privilege: require CONFIG privilege for is.cluster_config #26071
Conversation
Username: "uroot2", | ||
Hostname: "localhost", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The username doesn't match the AuthUsername, which looks like a problem waiting to happen. I wrote this test but must have missed it :(
[REVIEW NOTIFICATION] This pull request has been approved by:
To complete the pull request process, please ask the reviewers in the list to review by filling The full list of commands accepted by this bot can be found here. Reviewer can indicate their review by submitting an approval review. |
/merge |
This pull request has been accepted and is ready to merge. Commit hash: 8bda59f
|
Signed-off-by: ti-srebot <ti-srebot@pingcap.com>
cherry pick to release-5.1 in PR #26150 |
What problem does this PR solve?
Issue Number: close #26062
Problem Summary:
The cluster_config table should require the
CONFIG
privilege. This is consistent with the behavior change in #25379 which requiresCONFIG
forSHOW CONFIG
.It makes sense to cherry pick to 5.1, but not 5.0; because the behavior in 5.0 was not established yet, and
SHOW CONFIG
still requires no privileges.What is changed and how it works?
What's Changed:
Reading from the table information_schema.cluster_config now requires the CONFIG privilege.
Related changes
Check List
Tests
Side effects
Release note